A Cooperative Intrusion Detection Model Based on Granular Computing and Agent Technologies

Authors:
Wei Zhang;Shaohua Teng;Haibin Zhu;Dongning Liu
Affiliations:
School of Computers, Guangdong University of Technology, Guangzhou, China;School of Computers, Guangdong University of Technology, Guangzhou, China;Collaborative Systems Laboratory, Nipissing University, North Bay, Canada;School of Computers, Guangdong University of Technology, Guangzhou, China
Venue:
International Journal of Agent Technologies and Systems
Year:
2013

Citing 11
Cited 0

Intrusion detection using autonomous agents

Computer Networks: The International Journal of Computer and Telecommunications Networking - Special issue on recent advances in intrusion detection systems
Network Intrusion Detection: An Analyst's Handbook

Network Intrusion Detection: An Analyst's Handbook
Maximum Security

Maximum Security
An Architecture for Intrusion Detection Using Autonomous Agents

ACSAC '98 Proceedings of the 14th Annual Computer Security Applications Conference
Decentralized multi-dimensional alert correlation for collaborative intrusion detection

Journal of Network and Computer Applications
When gossip is good: distributed probabilistic inference for detection of slow network intrusions

AAAI'06 proceedings of the 21st national conference on Artificial intelligence - Volume 2
M-M role-transfer problems and their solutions

IEEE Transactions on Systems, Man, and Cybernetics, Part A: Systems and Humans
Role-based collaboration and its kernel mechanisms

IEEE Transactions on Systems, Man, and Cybernetics, Part C: Applications and Reviews
Constructive granular systems with universal approximation and fast knowledge discovery

IEEE Transactions on Fuzzy Systems
Granular neural networks for numerical-linguistic data fusion and knowledge discovery

IEEE Transactions on Neural Networks
Efficient Role Transfer Based on Kuhn–Munkres Algorithm

IEEE Transactions on Systems, Man, and Cybernetics, Part A: Systems and Humans

Quantified Score

Hi-index	0.00

Visualization

Abstract

This paper initially analyzes the methods of four attack types, including Probing, DoS Denial of Service, R2L Remote to Local and U2R User to Root. It then categorizes attacks into four cases which are, respectively, one host-one host, one host-many hosts, many hosts-one host and many hosts-many hosts. Categorization is based on resource and destination addresses of network packages. Granular computing methodology is then applied to intrusion detection. With the support of the granular computing methodology and agent technologies, a cooperative intrusion detection model is proposed. Furthermore, the construction for an intrusion detection agent is presented. Finally, experiments are conducted. Results indicate that the proposed method can detect slow scanning attacks which cannot be detected by a traditional scanning detector.